Wordfence Malicious File Alert: wp-content/plugins/wp-mailfrom-ii/modal.php

  • Resolved persiusx

    (@persiusx)


    8 years, 8 months ago

    Hello,

    Reaching out to the plugin author to see if anyone has potentially seen this happen with this plugin. We are running Wordfence and see that somehow this plugin folder was infiltrated and a file called modal.php (not part of the plugin files) was created. Not pointing the finger saying this plugin has a leak but wanted to open the dialogue.

    File appears to be malicious: wp-content/plugins/wp-mailfrom-ii/modal.php

    This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “\x65\x76\x61\x6C\x28”.

    WordPress: Fully updated 4.4.2
    Wordfence: Version 6.0.24

    https://www.ads-software.com/plugins/wp-mailfrom-ii/

Viewing 1 replies (of 1 total)
  • Plugin Author Ben Huson

    (@husobj)

    Hi

    I’ve had a look through the plugin code and couldn’t spot any weaknesses. Obvious another pair or eyes on it would be useful to double-check.

    I’ve see similar malicious files introduced on other WordPress installs and the location of the malicious files can often be seem random – not necessarily occurring in the same directory as the weakness.

    Ben

Viewing 1 replies (of 1 total)
  • The topic ‘Wordfence Malicious File Alert: wp-content/plugins/wp-mailfrom-ii/modal.php’ is closed to new replies.